package com.miniprogram.admin.shiro.realm;

import com.miniprogram.admin.service.IAdminPermissionService;
import com.miniprogram.admin.service.IAdminRoleService;
import com.miniprogram.admin.service.IAdminUserRoleService;
import com.miniprogram.admin.service.IAdminUserService;
import com.miniprogram.bean.po.AdminPermission;
import com.miniprogram.bean.po.AdminRole;
import com.miniprogram.bean.po.AdminUser;
import com.miniprogram.bean.vo.admin.AdminUserVo;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * 自定义Realm
 */
@Slf4j
public class ShiroRealm extends AuthorizingRealm {

    @Autowired
    private IAdminUserService iAdminUserService;
    @Autowired
    private IAdminUserRoleService iAdminUserRoleService;
    @Autowired
    private IAdminRoleService iAdminRoleService;
    @Autowired
    private IAdminPermissionService iAdminPermissionService;

    /**
     * 获取用户角色和权限
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
        AdminUserVo user = (AdminUserVo) SecurityUtils.getSubject().getPrincipal();
        String account = user.getAccount();

        System.out.println("用户" + account + "获取权限-----ShiroRealm.doGetAuthorizationInfo");
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

        // 获取用户角色集
        List<AdminRole> roleList = iAdminRoleService.findByAccount(account);
        Set<String> roleSet = new HashSet<>();
        for (AdminRole r : roleList) {
            roleSet.add(r.getName());
        }
        simpleAuthorizationInfo.setRoles(roleSet);
        // 获取用户权限集
        List<AdminPermission> permissionList = iAdminPermissionService.findByAccount(account);
        Set<String> permissionSet = new HashSet<>();
        for (AdminPermission p : permissionList) {
            permissionSet.add(p.getName());
        }
        simpleAuthorizationInfo.setStringPermissions(permissionSet);
        return simpleAuthorizationInfo;
    }

    /**
     * 登录认证
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {

        // 获取用户输入的用户名和密码
        String account = (String) token.getPrincipal();
        String password = new String((char[]) token.getCredentials());

        // 通过用户名到数据库查询用户信息
        AdminUser user = iAdminUserService.findByAccount(account);
        if (user == null) {
            throw new UnknownAccountException("用户不存在！");
        }
        // 获取用户权限集
        List<AdminPermission> permissionList = iAdminPermissionService.findByAccount(account);
        List<AdminRole> roleList = iAdminRoleService.findByAccount(account);
        if (!password.equals(user.getPassword())) {
            throw new IncorrectCredentialsException("用户名或密码错误！");
        }
        AdminUserVo adminUserVo = new AdminUserVo();
        BeanUtils.copyProperties(user, adminUserVo);
//        adminUserVo.setAdminPermissionList(permissionList);
        adminUserVo.setAdminRoleList(roleList);
        return new SimpleAuthenticationInfo(adminUserVo, password, getName());
    }

}
